Documentation - VeriBits

🎯 Why We Made VeriBits

VeriBits was born from a simple observation: security tools are either too complex for developers or too simplistic for security professionals.

We created VeriBits to bridge this gap by providing:

🔐 Enterprise-Grade Security

Professional-level tools without the enterprise complexity

⚡ Developer-Friendly

Simple APIs and CLI tools that integrate seamlessly into workflows

🚀 Speed & Reliability

Instant results with 99.9% uptime SLA

🔄 Automation-Ready

Built for CI/CD, IaC, and automated security workflows

After working with dozens of security tools across multiple organizations, we realized that most tools fall into two categories:

Too Complex: Enterprise solutions with steep learning curves, requiring dedicated security teams
Too Limited: Simple tools that lack depth and can't scale to production needs

VeriBits fills the gap in the middle—powerful enough for production, simple enough for any developer to use.

💡 What Problem Does It Solve?

The Security-Speed Paradox

Modern development moves fast, but security often slows things down. VeriBits solves this by making security checks:

Instant: Results in milliseconds, not minutes
Automated: Integrate into CI/CD pipelines
Comprehensive: 38+ tools in one platform
Accessible: Web UI, CLI, API, and IaC integrations

Specific Problems We Solve

❌ Problem: Secrets in Code

✅ Solution: Automated secrets scanning in CI/CD catches API keys, tokens, and passwords before they reach production

vb secrets-scan app.js
# Finds: AWS keys, GitHub tokens, passwords, etc.

❌ Problem: Overly Permissive IAM Policies

✅ Solution: IAM policy analyzer identifies security risks before deployment

vb iam-analyze policy.json
# Risk Score: 85/100 (HIGH)
# Finding: Allows s3:* on all resources

❌ Problem: SSL Certificate Expiration

✅ Solution: Automated SSL monitoring in Terraform/Ansible

vb ssl-check example.com
# Expires in: 7 days ⚠️  (renew soon!)

❌ Problem: Email Deliverability Issues

✅ Solution: Comprehensive email verification (SPF, DMARC, DKIM, MX)

vb email-score example.com
# Score: 42/100
# Missing: DMARC policy, SPF too permissive

❌ Problem: Data Breaches

✅ Solution: HIBP integration to check if emails/passwords are compromised

vb hibp-email user@example.com
# Found in 3 breaches: LinkedIn (2012), Adobe (2013)...

❌ Problem: Misconfigured Cloud Storage

✅ Solution: S3/Azure/GCP bucket security scanning

vb cloud-storage-scan my-bucket
# Risk: PUBLIC ACCESS ENABLED ⚠️
# Recommendation: Enable bucket encryption

🛠️ All Tools (30+ and Growing)

VeriBits provides a comprehensive suite of security, networking, and developer tools. All tools are available via Web UI, CLI, and API.

Developer Tools (8 tools)

Hash Generator/Validator

Generate and validate MD5, SHA-1, SHA-256, SHA-512, bcrypt, Argon2 hashes with salt support

# Node.js
vb hash-generate --algorithm sha256 --text "password"
vb hash-validate --hash abc123 --text "password"

# Python
veribits hash-generate sha256 "password"

# PHP
./veribits.php hash sha256 "password"

JSON/YAML Validator

Validate, format, minify, and convert between JSON and YAML

vb json-validate data.json
vb yaml-validate config.yaml
vb json-to-yaml data.json
vb yaml-to-json config.yaml

Base64 Encoder/Decoder

Encode/decode text and files, image preview, URL-safe encoding

vb base64-encode "secret text"
vb base64-decode "c2VjcmV0IHRleHQ="
vb base64-encode --file image.png

JWT Debugger

Decode, verify, and debug JSON Web Tokens

vb jwt-decode <token>
vb jwt-verify --token <token> --secret "key"

Regex Tester

Test regular expressions with match highlighting

vb regex "\d{3}-\d{3}-\d{4}" "555-123-4567"

URL Encoder/Decoder

URL encode and decode strings for web applications

vb url-encode "hello world"
vb url-decode "hello%20world"

Code Signing Validator

Verify digital signatures on executables and packages

vb code-sign-verify app.exe

Crypto Validator

Validate cryptocurrency addresses (BTC, ETH, etc.)

vb crypto-validate --address 1A1z... --type btc

Security Scanners (6 tools)

Docker Image Scanner (NEW)

Dockerfile security analysis with 0-100 risk score, vulnerability detection

# Node.js
vb docker-scan --file Dockerfile

# Python
veribits docker-scan Dockerfile

# Output: Security Score: 75/100
# Findings: Base image outdated, running as root

Terraform Scanner (NEW)

IaC security scanning for AWS/cloud misconfigurations

vb terraform-scan --file main.tf

# Checks: S3 public access, IAM wildcards,
# unencrypted resources, security groups

Kubernetes Validator (NEW)

K8s manifest security validation and best practices

vb k8s-validate deployment.yaml

# Checks: Privileged containers, resource limits,
# security contexts, network policies

Secrets Scanner

Detect hardcoded secrets, API keys, tokens, passwords in code

vb secrets-scan src/**/*.js
vb secrets-scan --directory ./app

IAM Policy Analyzer

Analyze AWS IAM policies for security risks and overly permissive access

vb iam-analyze policy.json

# Risk Score: 85/100
# Issues: Wildcard actions, missing conditions

DB Connection Auditor

Audit database connection strings for security issues

vb db-audit "postgres://user:pass@host/db"

# Checks: SSL enforcement, weak passwords,
# default credentials, exposed ports

Network & DNS Tools (9 tools)

PCAP Analyzer - AI-Powered (NEW)

DNS troubleshooting, BGP/OSPF analysis, attack detection with OpenAI insights

# Node.js
vb pcap-analyze --file capture.pcap

# Python
veribits pcap-analyze capture.pcap

# Features:
# - DNS query/response analysis
# - BGP route detection
# - TCP handshake analysis
# - AI-powered attack detection
# - Protocol distribution stats

Firewall Editor (NEW)

iptables/ebtables GUI editor with version control and CLI API

# Node.js
vb firewall-editor --device server01 --version latest

# Python
veribits firewall-editor list
veribits firewall-editor export server01

# Features:
# - Edit iptables/ebtables rules via GUI
# - Version control for firewall configs
# - Rollback support
# - Rule validation before apply

DNSSEC Validator (NEW)

Validate DNSSEC chain of trust, DS records, RRSIG signatures

vb dnssec-validate example.com

# Checks: DNSKEY, DS records, RRSIG,
# chain of trust validation

DNS Propagation Checker (NEW)

Check DNS records across 16 global nameservers

vb dns-propagation --domain example.com --type A

# Servers: Google, Cloudflare, OpenDNS,
# Quad9, plus regional servers worldwide

Reverse DNS Lookup (NEW)

Bulk PTR record lookup with forward validation

vb reverse-dns 8.8.8.8
vb reverse-dns --file ips.txt

# Returns: PTR records with forward confirmation

Visual Traceroute

Interactive traceroute with geolocation and ASN data

vb traceroute google.com

# Shows: Hops, latency, ASN, geolocation

BGP Intelligence

BGP AS path analysis, route origin validation, prefix lookup

vb bgp-lookup AS15169
vb bgp-prefix 8.8.8.0/24

RBL Checker

Check IPs against 50+ spam blacklists

vb rbl-check 1.2.3.4

DNS Zone Validator

Validate DNS zone files for syntax and best practices

vb zone-validate zone.db

SSL/TLS & Certificates (5 tools)

SSL Certificate Checker

Check certificate validity, expiration, chain of trust

vb ssl-check example.com

Certificate Converter

Convert between PEM, DER, PFX, P7B formats (OpenSSL-compatible)

vb ssl-convert -inform DER -outform PEM \
  -in cert.der -out cert.pem

SSL Generator

Generate self-signed certificates and CSRs

vb ssl-generate --domain example.com

PGP Key Validator

Validate PGP public keys and signatures

vb pgp-validate key.asc

Security Headers Checker

Analyze HTTP security headers (CSP, HSTS, X-Frame-Options, etc.)

vb security-headers https://example.com

# Checks: CSP, HSTS, X-Frame-Options,
# X-Content-Type-Options, Referrer-Policy

Email Verification (6 tools)

Email Validator

Verify email addresses and domains

SPF Checker

Validate SPF records

DMARC Checker

Validate DMARC policies

DKIM Checker

Validate DKIM signatures

MX Record Checker

Check mail server records

HIBP Integration

Check if emails/passwords appear in data breaches

Utilities & File Analysis (4 tools)

IP Calculator

Subnet calculator with CIDR notation support

File Magic Analyzer

Detect file types via magic bytes and metadata

Steganography Detector

Detect hidden data in images and files

SMTP Relay Checker

Test SMTP server relay configuration

Total: 38 Tools - All available via Web UI, Node.js CLI, Python CLI, PHP CLI, and REST API

🖥️ How to Use the CLI

Installation

Node.js (npm):

# Install globally
npm install -g veribits

# Verify installation
vb --version
# veribits 2.0.0

Python (pip):

# Install globally
pip install veribits

# Verify installation
vb --version
# veribits 2.0.0

PHP (standalone):

# Download
wget https://www.veribits.com/cli/veribits.php
chmod +x veribits.php

# Use directly
./veribits.php --version

Basic Usage

# Get help
vb --help

# Run a command
vb <command> [arguments] [options]

# Examples
vb hash "hello world"
vb ssl-check google.com
vb email-verify user@example.com

Interactive Console Mode (NEW! 🎉)

Stay logged in and use TAB completion for faster workflows:

# Start console
vb console

╔════════════════════════════════════════════════════════════╗
║           VeriBits Interactive Console v2.0.0              ║
╚════════════════════════════════════════════════════════════╝

Type 'help' for available commands or 'exit' to quit

✓ Authenticated with API key

veribits> email-spf google.com    # Press TAB for completion
veribits> ssl-check github.com
veribits> help                    # List all commands
veribits> exit                    # Leave console

💡 Pro Tip: Console mode is perfect for rapid testing and investigation. No need to type vb for every command, and you stay authenticated!

Authentication

# Method 1: Environment variable (recommended)
export VERIBITS_API_KEY="your-api-key-here"
vb ssl-check example.com

# Method 2: Inline flag
vb --api-key your-key ssl-check example.com

# Method 3: Config file (coming soon)
# ~/.veribits/config

Available Commands (38+ total)

# Security & IAM
vb iam-analyze policy.json
vb secrets-scan app.js
vb db-audit "postgresql://user:pass@host/db"
vb security-headers https://example.com

# Developer Tools
vb jwt-decode <token>
vb hash "text" --algorithm sha256
vb regex "\d+" "test 123"
vb url-encode "hello world"
vb base64 "secret data"

# Network Tools
vb dns-validate google.com
vb ip-calc 192.168.1.0/24
vb rbl-check 1.2.3.4
vb traceroute google.com
vb bgp-lookup AS15169

# Email Verification
vb email-verify user@example.com
vb email-spf example.com
vb email-dmarc example.com
vb email-dkim example.com
vb email-score example.com
vb hibp-email user@example.com

# SSL/TLS Tools
vb ssl-check example.com
vb ssl-convert -inform DER -outform PEM -in cert.der -out cert.pem
vb ssl-resolve-chain example.com
vb ssl-verify-keypair cert.pem key.pem
vb csr-validate request.csr

# Cloud Security
vb cloud-storage-scan my-bucket
vb cloud-storage-search "backup" --provider aws
vb malware-scan file.exe

# File Analysis
vb file-magic document.pdf
vb steg-detect image.png
vb inspect-archive backup.zip

# Utilities
vb tool-search "email"
vb tool-list
vb health
vb whois example.com

# Interactive Console
vb console

⭐ Most Common CLI Operations

1. Pre-Deployment Security Scan

# Scan for secrets before git commit
vb secrets-scan src/config.js

# Check IAM policy security
vb iam-analyze iam-policy.json

# Verify SSL certificate
vb ssl-check api.example.com

2. Email Domain Investigation

# Complete email domain audit
vb email-spf example.com
vb email-dmarc example.com
vb email-dkim example.com --selector default
vb email-mx example.com
vb email-score example.com
vb whois example.com

3. SSL/TLS Certificate Management

# Check certificate expiration
vb ssl-check example.com

# Convert certificate format (OpenSSL compatible)
vb ssl-convert -inform DER -outform PEM -in cert.der -out cert.pem

# Resolve certificate chain
vb ssl-resolve-chain example.com

# Verify certificate and key pair match
vb ssl-verify-keypair server.crt server.key

4. CI/CD Integration

#!/bin/bash
# .github/workflows/security-scan.sh

# Fail build if secrets found
if vb secrets-scan src/**/*.js | grep -q "Secrets Found: [1-9]"; then
  echo "❌ Secrets detected in code!"
  exit 1
fi

# Check IAM policies
vb iam-analyze terraform/iam-policy.json

echo "✅ Security checks passed"

5. Data Breach Checking

# Check if email appears in breaches
vb hibp-email user@example.com

# Check if password is compromised (uses k-anonymity)
vb hibp-password "MyPassword123"

6. Network Investigation

# IP subnet calculation
vb ip-calc 192.168.1.0/24

# Check if IP is blacklisted
vb rbl-check 1.2.3.4

# Trace route to host
vb traceroute google.com

# BGP AS lookup
vb bgp-lookup AS15169

7. Quick Development Tools

# Generate hash
vb hash "secret" --algorithm sha256

# Test regex pattern
vb regex "\d{3}-\d{3}-\d{4}" "Call 555-123-4567"

# Decode JWT token
vb jwt-decode eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

# URL encode/decode
vb url-encode "hello world"

# Base64 encode/decode
vb base64 "secret data"

💼 Interview Use Cases - Show Off Your Skills

These real-world scenarios demonstrate how VeriBits solves complex problems that interviewers love to ask about.

Use Case 1: DNS Troubleshooting with PCAP Analysis

Interview Question: "How would you troubleshoot DNS resolution failures in a production environment?"

The VeriBits Answer: Use PCAP Analyzer with AI-powered insights

# Scenario: Customers reporting intermittent DNS failures
# Step 1: Capture network traffic
tcpdump -i eth0 -w dns-issue.pcap port 53

# Step 2: Analyze with VeriBits PCAP Analyzer
vb pcap-analyze --file dns-issue.pcap

# AI-Powered Output:
# ==================
# DNS Analysis:
# - 847 DNS queries detected
# - 156 queries with NXDOMAIN (18.4%)
# - 23 queries timing out (2.7%)
# - Top failing domain: api.example.com
#
# AI Insight: "High NXDOMAIN rate suggests DNS cache
# poisoning or misconfigured upstream resolver. The
# failed queries correlate with TTL expiration times,
# indicating a race condition in your DNS caching layer."
#
# Recommendation:
# 1. Check upstream resolver configuration
# 2. Increase negative caching TTL
# 3. Implement DNSSEC validation

# Step 3: Validate DNSSEC
vb dnssec-validate api.example.com

# Step 4: Check DNS propagation across global servers
vb dns-propagation --domain api.example.com --type A

# Result: Issue identified and resolved in minutes, not hours!

Use Case 2: Firewall Management Workflow

Interview Question: "How do you manage firewall rules across multiple servers while maintaining version control?"

The VeriBits Answer: Firewall Editor with built-in version control

# Scenario: Need to update firewall rules on 50 production servers

# Step 1: Export current firewall configuration
vb firewall-editor export server01 --output server01-fw.json

# Step 2: Edit rules via GUI (or programmatically)
vb firewall-editor --device server01 --version latest

# Step 3: Preview changes before applying
vb firewall-editor diff --device server01

# Output:
# + ACCEPT tcp -- 0.0.0.0/0 443 (HTTPS)
# - ACCEPT tcp -- 0.0.0.0/0 8080 (Old API)
# + REJECT tcp -- 192.168.1.0/24 22 (SSH restricted)

# Step 4: Apply changes with automatic rollback
vb firewall-editor apply --device server01 --rollback-timeout 5m

# Step 5: Version control snapshot
vb firewall-editor commit --device server01 --message "Add HTTPS, remove legacy API"

# Step 6: Rollback if needed
vb firewall-editor rollback --device server01 --version previous

# Benefits:
# - GUI editor eliminates iptables syntax errors
# - Automatic validation before apply
# - Built-in version control (no need for Git)
# - Rollback support prevents lockouts
# - CLI API for automation

Use Case 3: Security Scanning Pipeline (CI/CD)

Interview Question: "How would you implement automated security scanning in your CI/CD pipeline?"

The VeriBits Answer: Multi-layered security scanning with Docker, Terraform, K8s, and Secrets

# .github/workflows/security-pipeline.yml
name: Security Scan Pipeline
on: [push, pull_request]

jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Install VeriBits CLI
        run: npm install -g veribits

      - name: Scan for Secrets
        env:
          VERIBITS_API_KEY: ${{ secrets.VERIBITS_API_KEY }}
        run: |
          echo "🔍 Scanning for hardcoded secrets..."
          vb secrets-scan src/**/*.{js,ts,py,go}
          if [ $? -ne 0 ]; then
            echo "❌ Secrets found! Failing build."
            exit 1
          fi

      - name: Scan Dockerfile
        run: |
          echo "🐋 Scanning Dockerfile for vulnerabilities..."
          vb docker-scan --file Dockerfile --min-score 70
          # Fails if security score < 70/100

      - name: Scan Terraform
        run: |
          echo "🏗️  Scanning Terraform for misconfigurations..."
          vb terraform-scan --directory ./infrastructure
          # Checks: Public S3 buckets, overpermissive IAM,
          # unencrypted resources, open security groups

      - name: Validate Kubernetes Manifests
        run: |
          echo "☸️  Validating Kubernetes security..."
          vb k8s-validate k8s/*.yaml
          # Checks: Privileged containers, missing resource limits,
          # security contexts, network policies

      - name: Analyze IAM Policies
        run: |
          echo "🔐 Analyzing IAM policies..."
          vb iam-analyze terraform/iam-policy.json --max-risk 75
          # Fails if risk score > 75/100

      - name: Check SSL Certificates
        run: |
          echo "🔒 Checking SSL certificate expiration..."
          vb ssl-check api.example.com
          # Warns if cert expires in < 30 days

# Result: Comprehensive security scanning in < 2 minutes
# Catches issues BEFORE they reach production!

Use Case 4: Multi-Cloud Security Audit

Interview Question: "How do you audit security across AWS, Azure, and GCP environments?"

# Scenario: Quarterly security audit across all cloud providers

# AWS Security Audit
vb iam-analyze aws-policies/*.json
vb cloud-storage-scan --provider aws --bucket prod-data
vb secrets-scan --directory ./aws-lambdas

# Azure Security Audit
vb cloud-storage-scan --provider azure --container backups
vb security-headers https://app.azure.example.com

# GCP Security Audit
vb cloud-storage-scan --provider gcp --bucket prod-gcs
vb k8s-validate gke-manifests/*.yaml

# Generate consolidated report
vb audit-report --output security-audit-Q1-2025.pdf

# Email to stakeholders
vb email-verify security-team@example.com

Use Case 5: Incident Response - Breach Detection

Interview Question: "User credentials may be compromised. How do you investigate?"

# Scenario: Suspicious login activity detected

# Step 1: Check if emails appear in known breaches
vb hibp-email user1@example.com
vb hibp-email user2@example.com
vb hibp-email user3@example.com

# Output: user1@example.com found in:
# - LinkedIn (2012) - 167M accounts
# - Adobe (2013) - 153M accounts
# - Collection #1 (2019) - 773M accounts

# Step 2: Check password exposure (k-anonymity - secure)
vb hibp-password "CommonPassword123"
# Found 47,205 times in breaches

# Step 3: Force password reset for affected users
# (Your application logic here)

# Step 4: Scan codebase for exposed credentials
vb secrets-scan --directory ./backend

# Step 5: Audit database connection security
vb db-audit "postgres://user:pass@db.example.com/prod"

# Step 6: Check authentication endpoints security
vb security-headers https://auth.example.com

# Result: Comprehensive breach response in minutes!

Use Case 6: Network Diagnostics Deep Dive

Interview Question: "Application is slow. How do you diagnose network issues?"

# Scenario: Users reporting slow API responses

# Step 1: Visual traceroute to API server
vb traceroute api.example.com
# Shows: Route, latency per hop, ASN, geolocation

# Step 2: Check if server IP is blacklisted
vb rbl-check 203.0.113.42
# Checks 50+ spam blacklists

# Step 3: BGP route analysis
vb bgp-lookup AS64496
vb bgp-prefix 203.0.113.0/24

# Step 4: DNS propagation check
vb dns-propagation --domain api.example.com --type A
# Checks 16 global DNS servers

# Step 5: Reverse DNS validation
vb reverse-dns 203.0.113.42
# Verifies PTR record matches forward lookup

# Step 6: PCAP analysis for deeper investigation
vb pcap-analyze --file api-traffic.pcap
# AI detects: "High TCP retransmission rate (12%)
# suggests network congestion or packet loss"

# Result: Network bottleneck identified quickly!

💡 Interview Pro Tip: These use cases demonstrate:

Problem-solving methodology
Tool expertise and automation skills
Security-first mindset
DevOps best practices
Real-world incident response experience

Mentioning VeriBits shows you stay current with modern security tools!

📜 How Licensing Works

Tiers

Tier	Scans/Month	File Size Limit	Rate Limits	Price
Free	5 total (lifetime)	50 MB	5 requests/hour	$0
Starter	1,000	100 MB	100 requests/hour	$29/month
Professional	10,000	500 MB	1,000 requests/hour	$99/month
Enterprise	Unlimited	10 GB	Custom	$499/month

What's Included

All Tiers: Access to all 38+ CLI commands and 100+ API endpoints
Paid Tiers: Priority support, SLA guarantees, audit logs
Enterprise: Dedicated support, custom integrations, on-premise deployment options

📌 Note: The free tier is perfect for testing and personal projects. For production use, we recommend at least the Starter tier.

License Types

API Key: Standard authentication for API and CLI
OAuth Token: For third-party integrations
Enterprise License: Custom authentication with SSO support

🎫 How to Obtain a License

Step 1: Create an Account

Visit veribits.com/signup.php
Enter your email and create a password
Verify your email address
You'll automatically receive 5 free scans

Step 2: Choose Your Plan

Log in to your dashboard
Click "Upgrade Plan" or visit Pricing
Select the plan that fits your needs
Enter payment information (credit card or PayPal)

Step 3: Get Your API Key

After signup/upgrade, go to Settings
Navigate to the "API Keys" section
Click "Generate New API Key"
Copy your key (it will only be shown once!)
Store it securely (e.g., password manager)

⚠️ Security Warning: Never commit API keys to version control or share them publicly. Treat them like passwords!

Key Regeneration

If your key is compromised:

Go to Settings → API Keys
Click "Revoke" on the compromised key
Generate a new key immediately
Update all systems using the old key

🔑 Adding Your License to the CLI

Method 1: Environment Variable (Recommended)

This is the most secure and convenient method for local development:

Linux/macOS:

# Add to ~/.bashrc or ~/.zshrc for permanent setup
export VERIBITS_API_KEY="vb_1234567890abcdef..."

# Or temporary for current session
export VERIBITS_API_KEY="vb_1234567890abcdef..."

# Verify it's set
echo $VERIBITS_API_KEY

# Use CLI (no --api-key needed)
vb ssl-check google.com

Windows (PowerShell):

# Temporary (current session)
$env:VERIBITS_API_KEY="vb_1234567890abcdef..."

# Permanent (all sessions)
[System.Environment]::SetEnvironmentVariable('VERIBITS_API_KEY', 'vb_1234567890abcdef...', 'User')

# Verify
echo $env:VERIBITS_API_KEY

Windows (CMD):

# Temporary
set VERIBITS_API_KEY=vb_1234567890abcdef...

# Permanent
setx VERIBITS_API_KEY "vb_1234567890abcdef..."

Method 2: Command-Line Flag

Pass the API key directly with each command:

vb --api-key vb_1234567890abcdef... ssl-check google.com

# Works with all commands
vb --api-key vb_1234567890abcdef... email-verify user@example.com

Method 3: Console Mode

Use the interactive console to stay authenticated:

# Set environment variable first
export VERIBITS_API_KEY="vb_1234567890abcdef..."

# Start console (automatically uses env var)
vb console

# Or pass key inline
vb --api-key vb_1234567890abcdef... console

# Now you're authenticated for all commands
veribits> ssl-check google.com
veribits> email-verify user@example.com

Method 4: CI/CD Environment

For GitHub Actions, GitLab CI, Jenkins, etc.:

GitHub Actions:

# .github/workflows/security-scan.yml
name: Security Scan
on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Install VeriBits CLI
        run: npm install -g veribits

      - name: Scan for secrets
        env:
          VERIBITS_API_KEY: ${{ secrets.VERIBITS_API_KEY }}
        run: vb secrets-scan src/**/*.js

GitLab CI:

# .gitlab-ci.yml
security-scan:
  stage: test
  before_script:
    - npm install -g veribits
  script:
    - vb secrets-scan src/**/*.js
  variables:
    VERIBITS_API_KEY: $VERIBITS_API_KEY  # Set in GitLab CI/CD variables

✅ Best Practice: Always use environment variables or secret management systems in CI/CD. Never hardcode API keys in your code or config files!

Verifying Authentication

# Check API health with authentication
vb health

# Expected output:
# ✓ Authenticated with API key
# Status: HEALTHY
# Plan: Professional
# Scans Remaining: 9,847/10,000

🔌 API Endpoints

All VeriBits tools are accessible via REST API. Here are examples for the new tools:

Base URL

https://www.veribits.com/api/v1

Authentication

# Header-based authentication
curl -H "Authorization: Bearer vb_your_api_key" \
  https://www.veribits.com/api/v1/tools/hash-generate

# Query parameter (not recommended for production)
curl "https://www.veribits.com/api/v1/tools/hash-generate?api_key=vb_your_api_key"

Developer Tools API

# Hash Generator
POST /api/v1/developer-tools/hash-generate
Content-Type: application/json
{
  "algorithm": "sha256",
  "text": "password",
  "salt": "optional_salt"
}

# JSON Validator
POST /api/v1/developer-tools/json-validate
Content-Type: application/json
{
  "json": "{\"key\": \"value\"}",
  "format": true
}

# Base64 Encoder
POST /api/v1/developer-tools/base64-encode
Content-Type: application/json
{
  "text": "secret data",
  "url_safe": false
}

# JWT Decoder
POST /api/v1/developer-tools/jwt-decode
Content-Type: application/json
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Security Scanners API

# Docker Image Scanner
POST /api/v1/security/docker-scan
Content-Type: application/json
{
  "dockerfile": "FROM ubuntu:20.04\nRUN apt-get update...",
  "filename": "Dockerfile"
}

# Response:
{
  "score": 75,
  "issues": [
    {
      "severity": "high",
      "message": "Running as root user",
      "line": 5
    }
  ]
}

# Terraform Scanner
POST /api/v1/security/terraform-scan
Content-Type: application/json
{
  "terraform_code": "resource \"aws_s3_bucket\" ...",
  "filename": "main.tf"
}

# Kubernetes Validator
POST /api/v1/security/k8s-validate
Content-Type: application/json
{
  "manifest": "apiVersion: v1\nkind: Pod...",
  "filename": "deployment.yaml"
}

# Secrets Scanner
POST /api/v1/security/secrets-scan
Content-Type: application/json
{
  "code": "const API_KEY = 'sk-1234567890';",
  "filename": "config.js"
}

# IAM Policy Analyzer
POST /api/v1/security/iam-analyze
Content-Type: application/json
{
  "policy": {
    "Version": "2012-10-17",
    "Statement": [...]
  }
}

# DB Connection Auditor
POST /api/v1/security/db-audit
Content-Type: application/json
{
  "connection_string": "postgresql://user:pass@host/db"
}

Network Tools API

# PCAP Analyzer (file upload)
POST /api/v1/network-tools/pcap-analyze
Content-Type: multipart/form-data
{
  "file": <pcap_file>,
  "analyze_dns": true,
  "analyze_bgp": true,
  "ai_insights": true
}

# Response:
{
  "packets": 1247,
  "protocols": {
    "dns": 847,
    "tcp": 356,
    "udp": 44
  },
  "dns_analysis": {
    "queries": 847,
    "nxdomain": 156,
    "timeouts": 23
  },
  "ai_insight": "High NXDOMAIN rate suggests DNS cache poisoning..."
}

# DNSSEC Validator
GET /api/v1/network-tools/dnssec-validate?domain=example.com

# DNS Propagation Checker
GET /api/v1/network-tools/dns-propagation?domain=example.com&type=A

# Reverse DNS Lookup
GET /api/v1/network-tools/reverse-dns?ip=8.8.8.8

# Firewall Editor - List Rules
GET /api/v1/network-tools/firewall-editor/rules?device=server01

# Firewall Editor - Apply Rules
POST /api/v1/network-tools/firewall-editor/apply
Content-Type: application/json
{
  "device": "server01",
  "rules": [
    {
      "action": "ACCEPT",
      "protocol": "tcp",
      "port": 443
    }
  ]
}

Rate Limiting

# Rate limit headers in response
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 847
X-RateLimit-Reset: 1640995200

# Rate limit exceeded response
HTTP/1.1 429 Too Many Requests
{
  "error": "Rate limit exceeded",
  "retry_after": 3600
}

Error Handling

# Standard error response
{
  "error": "Invalid API key",
  "error_code": "AUTH_INVALID",
  "message": "The provided API key is invalid or expired",
  "docs_url": "https://www.veribits.com/docs#authentication"
}

# Validation error
{
  "error": "Validation failed",
  "error_code": "VALIDATION_ERROR",
  "errors": [
    {
      "field": "algorithm",
      "message": "Must be one of: md5, sha1, sha256, sha512"
    }
  ]
}

📌 Full API Documentation: Visit veribits.com/api/docs for complete API reference with interactive examples.

🏗️ Terraform Provider

Installation

# terraform.tf
terraform {
  required_providers {
    veribits = {
      source  = "afterdarksystems/veribits"
      version = "~> 2.0"
    }
  }
}

provider "veribits" {
  api_key = var.veribits_api_key  # From environment or Terraform variables
  api_url = "https://www.veribits.com/api/v1"
}

Configuration

# variables.tf
variable "veribits_api_key" {
  description = "VeriBits API Key"
  type        = string
  sensitive   = true
}

# Set via environment variable
# export TF_VAR_veribits_api_key="vb_1234567890abcdef..."

# Or via terraform.tfvars (DO NOT commit this file!)
# veribits_api_key = "vb_1234567890abcdef..."

Example Usage

# Validate IAM policy before deployment
resource "veribits_iam_policy_validation" "s3_policy" {
  policy_document = aws_iam_policy.s3_access.policy
  policy_name     = "s3-bucket-access"
  max_risk_level  = "medium"  # Fail if risk is high or critical
}

# Check SSL certificate before creating Route53 record
data "veribits_ssl_check" "api_cert" {
  host = "api.example.com"
  port = 443
}

output "cert_expires_in_days" {
  value = data.veribits_ssl_check.api_cert.expires_in_days
}

# Scan for secrets before deploying
resource "veribits_secrets_scan" "k8s_manifests" {
  source_file     = "${path.module}/k8s/deployment.yaml"
  fail_on_secrets = true
}

# Verify email domain before SES setup
data "veribits_email_spf" "domain" {
  domain = "example.com"
}

resource "aws_ses_domain_identity" "example" {
  # Only create if SPF is valid
  count  = data.veribits_email_spf.domain.valid ? 1 : 0
  domain = "example.com"
}

Available Resources & Data Sources

veribits_iam_policy_validation - Validate IAM policies
veribits_secrets_scan - Scan for exposed secrets
veribits_ssl_check - Check SSL certificates
veribits_email_spf - Validate SPF records
veribits_dns_validate - Validate DNS records
veribits_cloud_storage_scan - Security scan buckets

📌 Coming Soon: The Terraform provider is currently in development. Expected release: Q1 2026. Sign up to be notified when it's available.

⚙️ Ansible Module

Installation

# Install the VeriBits collection from Ansible Galaxy
ansible-galaxy collection install afterdarksystems.veribits

# Verify installation
ansible-galaxy collection list | grep veribits

Configuration

# group_vars/all.yml or inventory
veribits_api_key: "{{ lookup('env', 'VERIBITS_API_KEY') }}"

# Or use Ansible Vault for security
ansible-vault encrypt_string 'vb_1234567890abcdef...' --name 'veribits_api_key'

Example Playbook

---
- name: VeriBits Security Audit
  hosts: localhost
  collections:
    - afterdarksystems.veribits

  tasks:
    # Scan for secrets before deployment
    - name: Scan deployment files for secrets
      secrets_scan:
        source_file: /path/to/deployment.yaml
        api_key: "{{ veribits_api_key }}"
      register: secrets_result
      failed_when: secrets_result.secrets_found > 0

    # Validate IAM policies
    - name: Check IAM policy security
      iam_policy_validate:
        policy_file: /path/to/policy.json
        api_key: "{{ veribits_api_key }}"
        max_risk_level: medium
      register: iam_result

    - name: Display IAM findings
      debug:
        msg: "IAM Risk Score: {{ iam_result.risk_score }}/100"

    # Check SSL certificates for multiple domains
    - name: Verify SSL certificates
      ssl_check:
        host: "{{ item }}"
        port: 443
        api_key: "{{ veribits_api_key }}"
      loop:
        - api.example.com
        - www.example.com
        - admin.example.com
      register: ssl_results

    - name: Alert on expiring certificates
      debug:
        msg: "⚠️  Certificate for {{ item.host }} expires in {{ item.expires_in_days }} days"
      loop: "{{ ssl_results.results }}"
      when: item.expires_in_days < 30

    # Email domain verification
    - name: Verify email configuration
      email_verify:
        domain: example.com
        checks:
          - spf
          - dmarc
          - mx
        api_key: "{{ veribits_api_key }}"
      register: email_result

    - name: Fail if email score is low
      fail:
        msg: "Email deliverability score too low: {{ email_result.score }}/100"
      when: email_result.score < 70

    # Cloud storage security
    - name: Scan S3 buckets
      cloud_storage_scan:
        bucket: "{{ item }}"
        provider: aws
        api_key: "{{ veribits_api_key }}"
      loop: "{{ s3_buckets }}"
      register: bucket_results

    - name: Fail if bucket is public
      fail:
        msg: "Bucket {{ item.bucket }} has public access enabled!"
      loop: "{{ bucket_results.results }}"
      when: item.public_access == true

Available Modules

iam_policy_validate - Validate AWS IAM policies
secrets_scan - Scan for exposed secrets
ssl_check - Check SSL certificate status
email_verify - Comprehensive email validation
dns_validate - Validate DNS records
cloud_storage_scan - Scan cloud storage security
security_headers - Check HTTP security headers

Integration with CI/CD

# .gitlab-ci.yml
security-check:
  stage: test
  image: ansible:latest
  script:
    - ansible-galaxy collection install afterdarksystems.veribits
    - ansible-playbook security-audit.yml
  variables:
    VERIBITS_API_KEY: $VERIBITS_API_KEY

📌 Coming Soon: The Ansible collection is currently in development. Expected release: Q1 2026. Sign up to be notified when it's available.

📚 VeriBits Documentation

Table of Contents

🎯 Why We Made VeriBits

💡 What Problem Does It Solve?

The Security-Speed Paradox

Specific Problems We Solve

🛠️ All Tools (30+ and Growing)

Developer Tools (8 tools)

Security Scanners (6 tools)

Network & DNS Tools (9 tools)

SSL/TLS & Certificates (5 tools)

Email Verification (6 tools)

Utilities & File Analysis (4 tools)

🖥️ How to Use the CLI

Installation

Basic Usage

Interactive Console Mode (NEW! 🎉)

Authentication

Available Commands (38+ total)

⭐ Most Common CLI Operations

1. Pre-Deployment Security Scan

2. Email Domain Investigation

3. SSL/TLS Certificate Management

4. CI/CD Integration

5. Data Breach Checking

6. Network Investigation

7. Quick Development Tools

💼 Interview Use Cases - Show Off Your Skills

Use Case 1: DNS Troubleshooting with PCAP Analysis

Use Case 2: Firewall Management Workflow

Use Case 3: Security Scanning Pipeline (CI/CD)

Use Case 4: Multi-Cloud Security Audit

Use Case 5: Incident Response - Breach Detection

Use Case 6: Network Diagnostics Deep Dive

📜 How Licensing Works

Tiers

What's Included

License Types

🎫 How to Obtain a License

Step 1: Create an Account

Step 2: Choose Your Plan

Step 3: Get Your API Key

Key Regeneration

🔑 Adding Your License to the CLI

Method 1: Environment Variable (Recommended)

Method 2: Command-Line Flag

Method 3: Console Mode

Method 4: CI/CD Environment

Verifying Authentication

🔌 API Endpoints

Base URL

Authentication

Developer Tools API

Security Scanners API

Network Tools API

Rate Limiting

Error Handling

🏗️ Terraform Provider

Installation

Configuration

Example Usage

Available Resources & Data Sources

⚙️ Ansible Module

Installation

Configuration

Example Playbook

Available Modules

Integration with CI/CD